2 matches found
Sql injection
SQL injection vulnerability in catproducts.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4...
CVE-2006-3271
The data indicates CVE-2006-3271 affects Softbiz Dating Script 1.0, with multiple SQL injection vulnerabilities in PHP files (search_results.php via country and sort_by; featured_photos.php via browse; products.php, index.php, news_desc.php via cid). The root cause is unsafely interpolated user i...